Skip to content

The catalog

Browse Reproductions

191 verified reproductions

RSS Feed

191 reproductions

REPRO-2026-00066 published

Skipper Lua Filter Arbitrary Code Execution

GHSA-cc8m-98fm-rc9g high Security go
github.com/zalando/skipper
9m 5s Jan 17, 2026
REPRO-2026-00065 published

node-tar Arbitrary File Overwrite via Hardlink Escape

GHSA-8qq5-rm4j-mr97 high Security npm
tar
6m 8s Jan 17, 2026
REPRO-2026-00064 published

node-tar Arbitrary File Overwrite via Hardlink Escape

GHSA-8qq5-rm4j-mr97 high Security npm
tar
6m 8s Jan 17, 2026
REPRO-2026-00063 published

deepdiff: Class Pollution RCE via Delta Tuple Path Bypass

CVE-2025-58367 critical Security pip
deepdiff
1m 7s Jan 13, 2026
REPRO-2026-00062 published

langgraph-checkpoint: Constructor Deserialization RCE in JsonPlusSerializer

CVE-2025-64439 high Security pip
langgraph-checkpoint
1m 7s Jan 12, 2026
REPRO-2026-00061 published

python-socketio: Pickle Deserialization RCE in PubSub Manager

CVE-2025-61765 medium Security pip
python-socketio
1m 5s Jan 12, 2026
REPRO-2026-00054 published

Craft CMS: Unauthenticated Database Backup Trigger

CVE-2025-68456 medium Security composer
craftcms/cms
36m 45s Jan 8, 2026
REPRO-2026-00052 published

ComfyUI-Manager: Configuration File Exposure via Web-Accessible Path

CVE-2025-67303 high Security pip
ComfyUI-Manager
11m 32s Jan 8, 2026
REPRO-2026-00045 published

BentoML RCE via Insecure Deserialization

CVE-2025-27520 critical Security pip
bentoml
16m 37s Jan 7, 2026
REPRO-2026-00044 published

jsPDF Local File Inclusion/Path Traversal in Node.js builds

CVE-2025-68428 critical Security npm
jspdf
8m 13s Jan 7, 2026
REPRO-2026-00001 published

Setuptools Path Traversal via PackageIndex.download

CVE-2025-47273 high Security pip
setuptools
14m 9s Jan 7, 2026